With development of science and technology, touchscreens start to be used on many electronic products such as a mobile phone and a tablet computer. An electronic product may have an independent operating system. A user may autonomously install, according to a need, application software provided by a third-party service provider. By using such a type of application software, functions of an electronic product may be extended.
Currently, an electronic product generally has a network connection function. A user can browse various types of information on a network and download and install various types of application software by using an electronic product. When using network resources, an electronic product may face various network attacks. When a network attack is launched on information input of an electronic product, key information is leaked. Specifically, when logging into various clients (for example, a bank client) or performing user registration or login on various related web pages (for example, an email box) by using an electronic product, a user needs to input key information such as a user name or a password on a screen presented by the electronic product. In this case, if the electronic product already suffers a network attack, an attacker can determine a keyboard layout by obtaining an input method used by the electronic product; and determine, by obtaining a touch point that is touched by the user on the screen presented by the electronic product and with reference to the keyboard layout, a character input by the user when the user touches the screen of the electronic product each time. Based on a character corresponding to each obtained touch point, the attacker can determine the key information input by the user.
It can be learned that, a current keyboard display manner of an electronic product easily causes leakage of key information.